We use cookies and similar technologies to recognize your repeat visits and preferences, to measure
the effectiveness of campaigns, and improve our websites. For settings and more information about
cookies, view our Cookie Policy. By clicking “I accept”
on this banner or using our site, you consent to the use of cookies.

I ACCEPT

Avast Threat Labs - Clean guidelines

Avast Antivirus protects your PC by detecting and blocking malicious threats. To accurately determine whether a software program contains malicious content, we use a set of guidelines which outline what we consider to be malicious and potentially unwanted behavior.

Prohibited:

All forms of impersonation of system messages (for example, impersonating the Windows user interface, MSFT/Windows logo, and so on), other brands (such as Chrome, Flash, anti-malware, and so on) or web components (for example, download buttons).

Displaying multiple “call to actions” with different wording but leading to the same or a similar action.

Advertising a free product for a cost.

Download

Auto or direct download from ads is strictly prohibited.

Disclosure and consent

Starting the app download or installation process without proper disclosure and user consent is strictly prohibited.

Installation Process

Recommended:

Signing software

Every executable file should contain a vendor identifier. No specific format is required, but version information is preferred. Alternatively, a plain text description in a custom section is also sufficient.

Availability of a digital signature is preferred.

If the file is packed, it should have a Taggant.

Must have:

Bundling software

All included programs should be legitimate in nature and contain a clear, positive value to the installing user.

Each program must be offered on its own offer/install screen with clear information about its functionality, behavior, cost (if applicable) and purpose.

Each offer screen must have a clearly labeled skip/decline button or opt-in/opt-out checkbox enabling the user to decline the offer.

Each offer screen must have the same wording, “Call to Action” buttons, navigation style and button placement throughout the installation process.

Any software that includes third party components or software therein must provide appropriate disclosure to end users.

User consent, control and transparency

All disclosure and consent clauses must be unavoidable to end users, must meet industry standards for readability and must be presented in a language that an ordinary end user comprehends.

User consent must be obtained before download/installation of any software.

The installer must only install the software which user provided their consent to install.

The user must be able to stop the installation at any point.

Any data acquisition must be made with the end user’s consent.

Each setup screen must include exit functionality.

App installation must not be affected by any user decisions on the offers.

The app must disclose to the user the name of the product, the identify of the developer or or the brand name of the providing entity, and how to contact this entity.

The software’s EULA must disclose to the user if and how the app may affect any other programs on the user's PC and settings.

It must be clear in which stage the installation currently is and show progress during longer stages (i.e. while copying/downloading files).

Misleading behavior

All of the app’s functionalities must correlate with the description mentioned in the installation screens.

Update

A software updater can only update the main application (it must not install any additional software without the user's consent).

Prohibited:

Bundling software

Software without offer screens.

Any form of promoting exaggerated or false claims about the user's system (health, registry, files, etc...).

Software must not access any other site that doesn’t directly relate to consented software functionality.

Any type of installation which does not require the End Users’ informed consent is expressly prohibited.

Misleading behavior

The installer must not mislead a user to take action he has previously declined.

Revenue modules must not engage with fictional installations of the product or the revenue model.

The software must not display exaggerated, misleading, or inaccurate claims about the health, files, registry or other items of the uder's system.

The installer must not initiate the installation of an app based on false, misleading, or fraudulent representation.

The software must not falsely claim to be a program from another brand (such as Avast, Microsoft, Google, Adobe, etc.).

Interfering

Software must not engage with interfering, replacing, uninstalling, or disabling any third party content, application, browser functionality and/or settings, websites, widget, the operating system or any part thereof without the user's consent.

Software must not engage in any fraudulent activity.

Software must not interfere with the browser default search/search pages without the user’s consent.

Program functionality

Must have:

Transparency and attribution

Ads must include a clear attribution to the providing application.

Ads must be clearly labeled and identified as ads.

When injecting data into external content (such as websites or search results), monetization services must be clearly labeled and distinguishable from any platform (such as a website) it appears on.

Ads must provide a link to an “Ad Info” webpage with the following prominent notices and information:

A short explanation about why the ad was displayed.

Links to the advertiser’s full and clear description of the revenue module.

Links to the product’s terms of service and privacy policy.

Prohibited:

Transparency and attribution

A program must not fail to clearly indicate when the program is active, and must not attempt to hide or disguise its presence.

Program behavior

Software must not include monetization services such as pop-ups, pop-unders, expanding banners, etc.

Software must not use the end user’s device for purposes that are unwarranted and unexpected by the end user.

Software must not decrease a PC's reliability and/or cause a poor end user experience.

Uninstallation process

Must have:

Completely remove all components of the software and/or related monetization modules, leaving no remains on the user's PC.

Function properly in an equivalent manner to the installation process.

Include a corresponding “Add/Remove” entry in the Windows Control Panel or equivalent on different platforms, and the user must be able to completely uninstall the software.

Show the same software name as shown during the installation process and during operation of the app and/or monetization module. Likewise, the same software name must be visible in the Add/Remove section of the Windows Control Panel.

Provide an easy way to close the software and/or ads attributed to it.

Privacy Policy and EULA

Must have:

Privacy Policy

The app and/or monetization service’s privacy policy must comply with the applicable privacy and data collection and protection laws, and provide a clear and comprehensive description of the advertiser’s data collection practices.

The Privacy Policy must specify:

Whether the software uses cookies or other means of collecting user data.

What types of user data is accessed, collected, used, or disclosed, as well as what means it uses to do so and what is done with the collected data.

How a user can opt out of PII collection and stop the app and/or monetization service from collecting PII data about them. Users must be able to achieve this in a straightforward way, and the app and/or monetization service must comply with the users’ request immediately.

EULA

The app and/or monetization service must comply with the applicable laws and have an EULA that is easy to access during the installation process and from the app’s website.

The vendor and product must comply with the EULA as accepted by the user during installation.

The app and/or monetization service should be clearly described in the EULA, any changes to the EULA require updated user consent.

Prohibited:

Privacy Policy

The app and/or monetization service must not sell or otherwise share with third parties personally identifying information without the user’s specific consent in advance.

The app and/or monetization service must not mislead users about the origin of cookies and/or other means of data collection, or cause a user to falsely believe it is associated with another app.